./net/asterisk13, The Asterisk Software PBX

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 13.16.0, Package name: asterisk-13.16.0, Maintainer: jnemeth

Asterisk is a complete PBX in software. It provides all of the
features you would expect from a PBX and more. Asterisk does voice
over IP in three protocols, and can interoperate with almost all
standards-based telephony equipment using relatively inexpensive
hardware.

Asterisk provides Voicemail services with Directory, Call Conferencing,
Interactive Voice Response, Call Queuing. It has support for
three-way calling, caller ID services, ADSI, SIP and H.323 (as both
client and gateway).

This is a long term support version. It is scheduled to go to
security fixes only on October 24th, 2018, and EOL on October 24th,
2019. See here for more information about Asterisk versions:
https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions

NOTE: This version does not work with the zaptel drivers. It
requires the newer DAHDI drivers which are still being ported.
So, there is no hardware support available at this moment.


Required to run:
[textproc/libxml2] [www/curl] [audio/speex] [lang/perl5] [shells/bash] [devel/libuuid] [textproc/iksemel] [textproc/jansson] [audio/speexdsp]

Required to build:
[pkgtools/cwrappers]

Package options: asterisk-config, jabber, ldap, speex

Master sites: (Expand)


Version history: (Expand)


CVS history: (Expand)


   2017-06-04 09:51:27 by John Nemeth | Files touched by this commit (6) | Package updated
Log message:
Update to Asterisk 13.16.0:  this is mostly a bugfix release.

The Asterisk Development Team would like to announce the release
of Asterisk 13.16.0.

The release of Asterisk 13.16.0 resolves several issues reported by the
community and would have not been possible without your participation.

Thank you!

The following issues are resolved in this release:

Bugs fixed in this release:
-----------------------------------
 * ASTERISK-26982 - chan_sip: rtcp_mux setting may cause ice
      completion failure/delay if client offers rtcp-mux as
      negotiable
      (Reported by Stefan Engström)
 * ASTERISK-26979 - res_rtp_asterisk: SRTP unprotect failed with
      authentication failure 10 or 110
      (Reported by Javier Riveros)
 * ASTERISK-25665 - Duplicate logging in queue log for EXITEMPTY
      events
      (Reported by Ove Aursand)
 * ASTERISK-26998 - res_pjsip_session: INVITE retransmissions
      could still setup the same call again.
      (Reported by Richard Mudgett)
 * ASTERISK-26143 - res_rtp_asterisk: One way audio when
      transcoding
      (Reported by Henning Holtschneider)
 * ASTERISK-26606 - tcptls: Incorrect OpenSSL function call
      leads to misleading error report
      (Reported by Bob Ham)
 * ASTERISK-26983 - Crash in Manager Reload when TLS Config
      Changes
      (Reported by Joshua Elson)
 * ASTERISK-25032 - [patch]cel_odbc sometimes inserts CEL with
      wrong eventtime
      (Reported by Etienne Lessard)
 * ASTERISK-26173 - func_cdr: CDR function does not permit empty
      values to be assigned
      (Reported by gkloepfer)
 * ASTERISK-25506 - [patch]CONFBRIDGE failure after an
      app_confbrige.so module reload results in segfault or
      error/warning messages.
      (Reported by Frederic LE FOLL)
 * ASTERISK-24529 - Using AMI Action Bridge to on an already
      bridged channel causes the incorrect return priority to be used
      (Reported by Corey Farrell)
 * ASTERISK-26860 - Upon RTCP reception, netsock2.c:210
      ast_sockaddr_split_hostport: Port missing in (null)
      (Reported by Evers Lab)
 * ASTERISK-26922 - chan_sip: tcpbind uses wrong source address
      (Reported by Ksenia)
 * ASTERISK-26974 - res_pjsip: Deadlock in T.38 framehook
      (Reported by Richard Mudgett)
 * ASTERISK-26908 - res_pjsip: The ChanIsAvail causes a
      res_pjsip session to be leaked.
      (Reported by Richard Mudgett)
 * ASTERISK-25823 - SIGSEGV, Segmentation fault. -
      ../sysdeps/x86_64/strlen.S: No such file or directory.
      (Reported by Andreas Krüger)
 * ASTERISK-26951 - chan_sip: ACK with SDP does not update a
      direct media bridge
      (Reported by Jean Aunis - Prescom)
 * ASTERISK-26930 - pjproject/Makefile.rules for pjsip 2.6 build
      fails for non-SSE2 instrunction Linux
      (Reported by abelbeck)
 * ASTERISK-26926 - func_speex: Crash caused by frame with no
      datalen
      (Reported by Richard Kenner)
 * ASTERISK-26929 - pjsip: Add database tables for RLS
      (Reported by Joshua Colp)
 * ASTERISK-26953 - Asterisk crash if hep.conf have some missing
      parameters
      (Reported by Joel Vandal)
 * ASTERISK-26890 - STUN server with non-default-route transport
      causes INVITE delay
      (Reported by George Joseph)
 * ASTERISK-26692 - res_rtp_asterisk: Crash in
      dtls_srtp_handle_timeout at res_rtp_asterisk (using chan_sip)
      (Reported by scgm11)
 * ASTERISK-26835 - res_rtp_asterisk: Crash when freeing RTCP
      address string
      (Reported by Niklas Larsson)
 * ASTERISK-26853 - res_rtp_asterisk: Crash in pjnath when
      receiving packet
      (Reported by Adagio)
 * ASTERISK-26613 - format_wav: wav16 format read file only by
      320 - half of frame
      (Reported by Vitaly K)
 * ASTERISK-26169 - format_ogg_vorbis: Memory leak using OGG in
      MixMonitor
      (Reported by Ivan Myalkin)
 * ASTERISK-21856 - STUN never works when asterisk started
      without internet access
      (Reported by Jeremy Kister)
 * ASTERISK-20984 - Audible clicks when playing sox encoded au
      file with STREAM FILE AGI command
      (Reported by Roman S.)
 * ASTERISK-26851 - res_pjsip_sdp_rtp: RTP instance does not use
      same IP as explicit transport
      (Reported by Richard Begg)
 * ASTERISK-26903 - Listening TCP/TLS sockets stop when
      temporarily out of open files
      (Reported by Walter Doekes)
 * ASTERISK-26528 - [UBSAN] strings.h:signed integer overflow in
      ast_str_case_hash
      (Reported by Badalian Vyacheslav)
 * ASTERISK-26928 - pjsip: Add database tables for PUBLISH
      support
      (Reported by Joshua Colp)
 * ASTERISK-26927 - pjproject_bundled: Crash on
      pj_ssl_get_info() while ioqueue_on_read_complete().
      (Reported by Alexander Traud)
 * ASTERISK-26905 - pjproject_bundled:  Merge 3 upstream
      deadlock patches into bundled
      (Reported by Ross Beer)
 * ASTERISK-26897 - chan_sip: Security vulnerability with client
      code header
      (Reported by Alex Villacís Lasso)
 * ASTERISK-25974 - Unused realtime MOH classes not purged on
      'moh reload'
      (Reported by Sébastien Couture)
 * ASTERISK-26916 - res_pjsip: Excessive refcount reached on
      transport ao2 object
      (Reported by Ross Beer)
 * ASTERISK-21721 - SIP Failed to parse multiple Supported:
      headers
      (Reported by Olle Johansson)
 * ASTERISK-26915 - chan_sip: Session Timers required but
      refused wrongly.
      (Reported by Alexander Traud)
 * ASTERISK-26363 - res_pjsip: Bye sent to sip trunk is not
      authenticated even after receiving a 407 error code
      (Reported by Yaacov Akiba Slama)
 * ASTERISK-26896 - Overflow of buffer to PQEscapeStringConn
      with large app_args causes ABRT
      (Reported by twisted)
 * ASTERISK-26705 - libasteriskssl.so not found when asterisk is
      installed for the 1st time
      (Reported by George Joseph)
 * ASTERISK-21009 - xmpp_pubsub_unsubscribe: Could not create IQ
      when creating pubsub unsubscription on client
      (Reported by
      Marcello Ceschia)
 * ASTERISK-25490 - [patch]SDP crypto tag is validated
      incorrectly
      (Reported by Joerg Sonnenberger)
 * ASTERISK-24712 - xmpp: starttls problem causes connection
      spew
      (Reported by Matthias Urlichs)
 * ASTERISK-26086 - res_musiconhold: format option is not
      documented adequately
      (Reported by Jens Bürger)
 * ASTERISK-23996 - No core dumps because of res_musiconhold
      chdir.
      (Reported by Walter Doekes)
 * ASTERISK-26814 - pjproject_bundled build fails to download
      pjproject source when using cURL
      (Reported by Gergely Dömsödi)
 * ASTERISK-23510 - JABBER_STATUS fails with improper code 7 for
      unavailable clients
      (Reported by Anthony Critelli)
 * ASTERISK-21855 - Asterisk crashes when XMPP message is sent
      (JabberSend) and no internet connection is available
      (Reported by Jeremy Kister)
 * ASTERISK-25622 - WARNING for "JABBER: socket read error"
      should be more specific
      (Reported by Sean Darcy)
 * ASTERISK-26818 - cdr: Problem setting variables in h exten
      (Reported by scgm11)
 * ASTERISK-26875 - app_mixmonitor: Recording out of sync when
      183 but no RTP
      (Reported by Aaron An)

Improvements made in this release:
-----------------------------------
 * ASTERISK-26088 - Investigate heavy memory utilization by
      res_pjsip_pubsub
      (Reported by Richard Mudgett)
 * ASTERISK-26427 - res_hep_rtcp: Asterisk Master will report
      channel name with res_hep_rtcp when using chan_sip
      (Reported by Nir Simionovich (GreenfieldTech - Israel))

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telep … og-13.16.0

Thank you for your continued support of Asterisk!
   2017-05-29 22:52:37 by John Nemeth | Files touched by this commit (2) | Package updated
Log message:
Add fixes for AST-2017-002, AST-2017-003, and AST-2017-004.  Note
that the first two don't affect pkgsrc as we are using chan_sip
not PJSIP.  The last only affects users of SCCP, which is Cisco's
proprietary protocol.

----- AST-2017-002

A remote crash can be triggered by sending a SIP packet to
Asterisk with a specially crafted CSeq header and a Via
header with no branch parameter. The issue is that the
PJSIP RFC 2543 transaction key generation algorithm does
not allocate a large enough buffer. By overrunning the
buffer, the memory allocation table becomes corrupted,
leading to an eventual crash.

This issue is in PJSIP, and so the issue can be fixed
without performing an upgrade of Asterisk at all. However,
we are releasing a new version of Asterisk with the bundled
PJProject updated to include the fix.

If you are running Asterisk with chan_sip, this issue does
not affect you.

----- AST-2017-003

The multi-part body parser in PJSIP contains a logical
error that can make certain multi-part body parts attempt
to read memory from outside the allowed boundaries. A
specially-crafted packet can trigger these invalid reads
and potentially induce a crash.

The issue is within the PJSIP project and not in Asterisk.
Therefore, the problem can be fixed without upgrading
Asterisk. However, we will be releasing a new version of
Asterisk where the bundled version of PJSIP has been
updated to have the bug patched.

If you are using Asterisk with chan_sip, this issue does
not affect you.

----- AST-2017-004

A remote memory exhaustion can be triggered by sending an
SCCP packet to Asterisk system with chan_skinny enabled
that is larger than the length of the SCCP header but
smaller than the packet length specified in the header. The
loop that reads the rest of the packet doesn't detect that
the call to read() returned end-of-file before the expected
number of bytes and continues infinitely. The partial
data message logging in that tight loop causes Asterisk to
exhaust all available memory.
   2017-05-14 00:39:13 by John Nemeth | Files touched by this commit (5)
   2017-04-30 03:22:04 by Ryo ONODERA | Files touched by this commit (612) | Package updated
Log message:
Recursive revbump from boost update
   2017-04-22 23:04:05 by Adam Ciarcinski | Files touched by this commit (670) | Package updated
Log message:
Revbump after icu update
   2017-02-12 07:26:18 by Ryo ONODERA | Files touched by this commit (1451)
Log message:
Recursive revbump from fonts/harfbuzz
   2017-02-06 14:56:14 by Thomas Klausner | Files touched by this commit (1452)
Log message:
Recursive bump for harfbuzz's new graphite2 dependency.
   2017-01-19 19:52:30 by Alistair G. Crooks | Files touched by this commit (352)
Log message:
Convert all occurrences (353 by my count) of

	MASTER_SITES= 	site1 \
			site2

style continuation lines to be simple repeated

	MASTER_SITES+= site1
	MASTER_SITES+= site2

lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.